github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-29 02:30:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,257 Commits 297 Branches 500 Tags
c3dc529aef20e50d2567365bf3bec42ca2e5a3d9
Commit Graph

8257 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
copilot-swe-agent[bot]
c3dc529aef Address feedback: cache git version, improve error handling, add telemetry 
- Cache the git version to avoid recomputing on repeated calls
- Refactor getGitVersion to getGitVersionOrThrow with detailed errors
- Add getGitVersion that logs errors and handles caching
- Add makeTelemetryDiagnostic helper to diagnostics.ts
- Add logGitVersionTelemetry function to log git version telemetry
- Call logGitVersionTelemetry in init-action.ts
- Add resetCachedGitVersion for testing
- Update tests to work with new function signatures and caching

Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
 2025-12-16 17:19:46 +00:00
copilot-swe-agent[bot]
fc2bbb041e Address code review feedback 
- Add test for Windows-style git version format
- Add comment clarifying regex extracts major.minor.patch
- Replace dynamic import with static import for semver

Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
 2025-12-16 16:27:41 +00:00
copilot-swe-agent[bot]
89753aa84b Add git version check for overlay analysis enablement 
Overlay analysis depends on `getFileOidsUnderPath`, which uses
`git ls-files --format` option that requires Git 2.38.0+. This
change adds a check for the git version before enabling overlay
analysis.

Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
 2025-12-16 16:22:23 +00:00
copilot-swe-agent[bot]
aff7998c4a Initial plan 2025-12-16 16:09:09 +00:00
Henry Mercer
c07cc0d3a9 Merge pull request #3351 from github/henrymercer/ghec-dr-determine-tools-version-from-ffs 
Determine CodeQL version from feature flags on GHEC-DR
 2025-12-16 13:42:01 +00:00
Henry Mercer
a2ee53c0d3 Use full names for GitHub variants 2025-12-16 13:23:24 +00:00
Michael B. Gale
b5e1a28b8a Merge pull request #3365 from github/dependabot/github_actions/dot-github/workflows/actions/download-artifact-7 
Bump actions/download-artifact from 6 to 7 in /.github/workflows
 2025-12-16 12:17:14 +00:00
Michael B. Gale
c2d4383e64 Merge branch 'main' into dependabot/github_actions/dot-github/workflows/actions/download-artifact-7 2025-12-15 22:00:03 +00:00
Michael B. Gale
d0ad1da72a Merge pull request #3364 from github/dependabot/github_actions/dot-github/workflows/actions-minor-8751820eb1 
Bump ruby/setup-ruby from 1.269.0 to 1.270.0 in /.github/workflows in the actions-minor group across 1 directory
 2025-12-15 21:08:40 +00:00
Michael B. Gale
07cd437640 Merge pull request #3366 from github/dependabot/github_actions/dot-github/workflows/actions/upload-artifact-6 
Bump actions/upload-artifact from 5 to 6 in /.github/workflows
 2025-12-15 18:18:05 +00:00
Michael B. Gale
a682bbe410 Merge pull request #3309 from github/mbg/ff/make-new-upload-default 
Remove `AnalyzeUseNewUpload` FF and make its behaviour the default
 2025-12-15 17:24:57 +00:00
github-actions[bot]
7fd7db3f26 Rebuild 2025-12-15 17:20:17 +00:00
github-actions[bot]
d6c1a791b7 Rebuild 2025-12-15 17:20:02 +00:00
dependabot[bot]
034374eb3f Bump actions/upload-artifact from 5 to 6 in /.github/workflows 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:40 +00:00
dependabot[bot]
6dbc22c93f Bump actions/download-artifact from 6 to 7 in /.github/workflows 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:32 +00:00
dependabot[bot]
a539068a61 Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.269.0 to 1.270.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](d697be2f83...ac793fdd38)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.270.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:28 +00:00
Michael B. Gale
b30cb9ae2a Merge branch 'main' into mbg/ff/make-new-upload-default 2025-12-15 16:28:30 +00:00
Michael B. Gale
009fe6b0c1 Remove AnalyzeUseNewUpload FF 2025-12-15 16:27:29 +00:00
Michael B. Gale
b1dea65f65 Make postProcessAndUploadSarif the default 2025-12-15 16:27:19 +00:00
Henry Mercer
7e0b77e3a8 Merge pull request #3349 from github/dependabot/github_actions/dot-github/workflows/actions-minor-dc476f2f5b 
Bump the actions-minor group across 1 directory with 2 updates
 2025-12-15 15:38:25 +00:00
Henry Mercer
0264b51610 Merge pull request #3348 from github/dependabot/npm_and_yarn/npm-minor-38a2a793c5 
Bump the npm-minor group with 5 updates
 2025-12-15 15:37:54 +00:00
Henry Mercer
2ac846d41e Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-38a2a793c5 2025-12-15 14:12:45 +00:00
Óscar San José
4b675e451b Merge pull request #3356 from github/mergeback/v4.31.8-to-main-1b168cd3 
Mergeback v4.31.8 refs/heads/releases/v4 into main
 2025-12-12 10:48:29 +01:00
github-actions[bot]
65bad627f3 Rebuild 2025-12-12 08:52:54 +00:00
github-actions[bot]
4564f5e482 Update changelog and version after v4.31.8 2025-12-12 08:44:31 +00:00
Óscar San José
1b168cd394 Merge pull request #3355 from github/update-v4.31.8-1b0b941e1 
Merge main into releases/v4
v4.31.8 		2025-12-12 09:43:00 +01:00
github-actions[bot]
120f277b16 Update changelog for v4.31.8 2025-12-11 17:23:34 +00:00
Óscar San José
1b0b941e1f Merge pull request #3354 from github/update-bundle/codeql-bundle-v2.23.8 
Update default bundle to 2.23.8
 2025-12-11 17:25:18 +01:00
github-actions[bot]
db812c1ae6 Add changelog note 2025-12-11 15:46:24 +00:00
github-actions[bot]
2930dba17a Update default bundle to codeql-bundle-v2.23.8 2025-12-11 15:46:14 +00:00
Henry Mercer
da501245d4 Update PR template to include GHEC-DR 2025-12-10 17:41:20 +00:00
Henry Mercer
1fc7d3785d Rename GHE_DOTCOM to GHEC_DR 
This more closely reflects the published naming https://docs.github.com/en/enterprise-cloud@latest/admin/data-residency/about-github-enterprise-cloud-with-data-residency
 2025-12-10 17:41:19 +00:00
Henry Mercer
7a55ffeaf1 Determine CodeQL version from feature flags on GHEC-DR 2025-12-10 17:35:27 +00:00
Kasper Svendsen
c43362b91a Merge pull request #3340 from github/kaspersv/check-for-overlayBaseSpecifier 
Overlay: Check database metadata for overlayBaseSpecifier
codeql-bundle-v2.23.8 		2025-12-09 11:37:30 +01:00
Kasper Svendsen
002a7f25fd Overlay: log overlayBaseSpecifier at debug log-level 2025-12-09 09:44:56 +01:00
Kasper Svendsen
5b7e7fcc9c Update src/codeql.ts 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2025-12-09 09:41:33 +01:00
github-actions[bot]
cd48547da5 Rebuild 2025-12-08 17:18:17 +00:00
dependabot[bot]
44570be32d Bump the actions-minor group across 1 directory with 2 updates 
Bumps the actions-minor group with 2 updates in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](8aeb6ff803...d697be2f83)

Updates `actions/create-github-app-token` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.269.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 17:16:45 +00:00
github-actions[bot]
b73d396b48 Rebuild 2025-12-08 17:03:51 +00:00
dependabot[bot]
0ffebf72b2 Bump the npm-minor group with 5 updates 
Bumps the npm-minor group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.2` | `1.3.3` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.48.0` | `8.48.1` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.48.0` | `8.48.1` |
| [esbuild](https://github.com/evanw/esbuild) | `0.27.0` | `0.27.1` |
| [eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) | `61.4.1` | `61.5.0` |


Updates `node-forge` from 1.3.2 to 1.3.3
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](https://github.com/digitalbazaar/forge/compare/v1.3.2...v1.3.3)

Updates `@typescript-eslint/eslint-plugin` from 8.48.0 to 8.48.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.48.0 to 8.48.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.1/packages/parser)

Updates `esbuild` from 0.27.0 to 0.27.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.27.0...v0.27.1)

Updates `eslint-plugin-jsdoc` from 61.4.1 to 61.5.0
- [Release notes](https://github.com/gajus/eslint-plugin-jsdoc/releases)
- [Commits](https://github.com/gajus/eslint-plugin-jsdoc/compare/v61.4.1...v61.5.0)

---
updated-dependencies:
- dependency-name: node-forge
  dependency-version: 1.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.48.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.48.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: esbuild
  dependency-version: 0.27.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: eslint-plugin-jsdoc
  dependency-version: 61.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 17:02:12 +00:00
Óscar San José
149d184a51 Merge pull request #3345 from github/mergeback/v4.31.7-to-main-cf1bb45a 
Mergeback v4.31.7 refs/heads/releases/v4 into main
 2025-12-05 21:43:41 +01:00
github-actions[bot]
97c2630b10 Rebuild 2025-12-05 17:21:46 +00:00
github-actions[bot]
b93926dc35 Update changelog and version after v4.31.7 2025-12-05 17:19:09 +00:00
Óscar San José
cf1bb45a27 Merge pull request #3344 from github/update-v4.31.7-f5c63fadd 
Merge main into releases/v4
v4.31.7 		2025-12-05 18:17:21 +01:00
github-actions[bot]
f4ebe95061 Update changelog for v4.31.7 2025-12-05 15:18:53 +00:00
Óscar San José
f5c63fadd5 Merge pull request #3343 from github/update-bundle/codeql-bundle-v2.23.7 
Update default bundle to 2.23.7
 2025-12-05 15:06:47 +01:00
github-actions[bot]
a2c01e776e Add changelog note 2025-12-05 13:39:53 +00:00
github-actions[bot]
ac34c13834 Update default bundle to codeql-bundle-v2.23.7 2025-12-05 13:39:45 +00:00
Michael B. Gale
267c4672a5 Merge pull request #3339 from github/dependabot/npm_and_yarn/npm-minor-77d26487b0 
Bump @eslint/eslintrc from 3.3.1 to 3.3.3 in the npm-minor group
codeql-bundle-v2.23.7 		2025-12-03 14:27:03 +00:00
Michael B. Gale
aeabef7b69 Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-77d26487b0 2025-12-03 12:43:12 +00:00